
Is a leaked encrypted password more secure than a leaked hash?

Çağlar Arlı


Encryption tech is obviously intended to secure things that we want to be private over an insecure medium. When I log into a site, for example, my password is transmitted over HTTPS, hashed by the receiver (hopefully), and then compared to the stored hash.

For securing secrets in git repos I have often used GPG in the past to encrypt them before commit, with the expectation that my secrets will not be derived by bad actors.

The intent of the hash (with salt) is to accomplish a similar goal to encrypting the value, save for it being non-reversible. The main difference is that the salted hash is usually intended to stay secret (stored in a secure DB somewhere) rather than being transferred over, or stored on, untrusted media.

Recently I've been playing with automating my workstation setup and I have a need to configure my user account from a public git repo, but I don't have secret encryption configured yet and I'd like to store my hash there.

What I'm unsure about is whether this is a bad idea. In my mind, a secure and salted PBKDF with sufficient rounds should be as secure against brute force as a value encrypted with something like AES.

I've done quite a bit of searching and have not found anyone making a comparison between hashing and encryption for storage like this. Every result invariably tells the asker that you should never expose your password hash, often referencing the split of passwd and shadow as proof.

Is my intuition wrong? If so, what aspects of a hash make it weaker against brute force than an encrypted value?
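The comparison the question asks for, as an added example that is not part of the original post: an offline guessing attack run against a leaked salted PBKDF2 hash and against a leaked ciphertext of the same password. It uses only the Python standard library, so a SHAKE-256 keystream XOR plus an HMAC-SHA256 tag stands in for AES-GCM; the cost accounting is the same for a real AEAD, because the attacker spends one KDF evaluation per guess and the (cheap) decrypt or compare only tells them whether the guess was right. The password, the key-wrapping passphrase and the wordlist are constructed for the demonstration.

```python
# Added example (not from the original question): offline guessing against a
# leaked salted PBKDF2 hash versus a leaked ciphertext. Standard library only;
# the "cipher" is a SHAKE-256 keystream XOR with an HMAC-SHA256 tag, standing
# in for AES-GCM so the script runs without third-party packages.
from __future__ import annotations

import hashlib
import hmac
import os
import secrets

ITERATIONS = 20_000  # deliberately low so the demo runs fast; use far more in production

# Constructed sample secrets for the demonstration.
PASSWORD = b"correct horse"
PASSPHRASE = b"letmein"  # low-entropy passphrase the encryption key is derived from
WORDLIST = [b"password", b"123456", b"letmein", b"correct horse", b"qwerty"]


def kdf(secret: bytes, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256; the same cost function on both sides of the comparison."""
    return hashlib.pbkdf2_hmac("sha256", secret, salt, ITERATIONS, dklen=32)


# --- Case A: the leaked artefact is a salted password hash --------------------
def store_hash(password: bytes) -> tuple[bytes, bytes]:
    salt = os.urandom(16)
    return salt, kdf(password, salt)


def crack_hash(salt: bytes, digest: bytes, wordlist) -> tuple[bytes | None, int]:
    """Return (password, KDF evaluations spent) or (None, n) if the list is exhausted."""
    for n, guess in enumerate(wordlist, start=1):
        if hmac.compare_digest(kdf(guess, salt), digest):
            return guess, n
    return None, len(wordlist)


# --- Case B: the leaked artefact is the password encrypted under a key --------
def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in AEAD: SHAKE-256 keystream XOR, then HMAC-SHA256 over nonce||ct.
    Output layout: nonce(16) || ciphertext || tag(32)."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(key + nonce).digest(len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, nonce + ct, "sha256").digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes | None:
    """Return the plaintext, or None when the tag rejects the key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
        return None
    stream = hashlib.shake_256(key + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


def crack_ciphertext(salt: bytes, blob: bytes, wordlist) -> tuple[bytes | None, int]:
    """Guess the passphrase the key was derived from; a verifying tag signals a hit."""
    for n, guess in enumerate(wordlist, start=1):
        pt = decrypt(kdf(guess, salt), blob)
        if pt is not None:
            return pt, n
    return None, len(wordlist)


def demo() -> dict:
    # A: the salted hash leaks; the attacker guesses the password directly.
    salt_a, digest = store_hash(PASSWORD)
    found_a, trials_a = crack_hash(salt_a, digest, WORDLIST)

    # B1: the ciphertext leaks and the key came from a passphrase; the attacker
    # guesses the passphrase instead, at the same KDF cost per guess.
    salt_b = os.urandom(16)
    blob_b1 = encrypt(kdf(PASSPHRASE, salt_b), PASSWORD)
    found_b1, trials_b1 = crack_ciphertext(salt_b, blob_b1, WORDLIST)

    # B2: the ciphertext leaks but the key is 256 random bits. No wordlist applies;
    # every derived key fails the tag, and exhausting the key space is ~2**256 trials.
    blob_b2 = encrypt(secrets.token_bytes(32), PASSWORD)
    found_b2, _ = crack_ciphertext(salt_b, blob_b2, WORDLIST)

    return {
        "hash_recovered": found_a,
        "hash_trials": trials_a,
        "passphrase_key_recovered": found_b1,
        "passphrase_key_trials": trials_b1,
        "random_key_recovered": found_b2,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Running `demo()` recovers the password from the hash after as many KDF evaluations as its position in the wordlist, recovers it from the passphrase-wrapped ciphertext after as many evaluations as the passphrase's position, and recovers nothing from the random-key ciphertext. The per-guess cost is identical in the first two cases; what separates them from the third is only the entropy of the secret the attacker has to enumerate.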